CVE-2008-5698

Publication date 22 December 2008

Last updated 24 July 2024


Ubuntu priority

Negligible

Why this priority?

HTMLTokenizer::scriptHandler in Konqueror in KDE 3.5.9 and 3.5.10 allows remote attackers to cause a denial of service (application crash) via an invalid document.load call that triggers use of a deleted object. NOTE: some of these details are obtained from third party information.

Read the notes from the security team

Status

Package Ubuntu Release Status
kdebase 9.04 jaunty Ignored
8.10 intrepid Ignored
8.04 LTS hardy Ignored
7.10 gutsy Ignored end of life, was needed
6.06 LTS dapper Ignored

Notes


jdstrand

browser crash


mdeslaur

PoC: http://www.milw0rm.com/exploits/6718 browser DoS, ignoring.